I tried debugging it too, but didn’t succeed. When you login normally, you send the data then you’re redirected immediately to a URL with a token that’ll take you to ThemeForest. In the script, in the log /cache/ files, it looks like in the first file that the first authentification process was ok, it shows my username and everything in the code, but before it gets to ThemeForest, it seems to be lost.

The envato session id is correct and isn’t lost anywhere so I don’t know what may cause it. Probably it’s because of that redirect, when you first submit the data

If you go to https://account.envato.com/ directly and login then your not redirected anywhere. You stay on that URL. As far as I can tell the field names didn’t change. This is a valid request I did with Firefox, JS disabled and the PHP has the same fields. Regexp are fine as well. Can’t figure out what they changed